archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/net/ias/providers/ntuser/auth/changepwd.cpp

414 lines
11 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. ///////////////////////////////////////////////////////////////////////////////
  2. //
  3. // Copyright (c) Microsoft Corporation
  4. //
  5. // SYNOPSIS
  6. //
  7. // Defines the class ChangePassword.
  8. //
  9. ///////////////////////////////////////////////////////////////////////////////
  11. #include <ias.h>
  12. #include <changepwd.h>
  13. #include <blob.h>
  14. #include <iaslsa.h>
  15. #include <iastlutl.h>
  16. #include <ntsamauth.h>
  17. #include <samutil.h>
  20. STDMETHODIMP ChangePassword::Initialize()
  21. {
  22. DWORD error = IASLsaInitialize();
  23. return HRESULT_FROM_WIN32(error);
  24. }
  27. STDMETHODIMP ChangePassword::Shutdown()
  28. {
  29. IASLsaUninitialize();
  30. return S_OK;
  31. }
  34. IASREQUESTSTATUS ChangePassword::onSyncRequest(IRequest* pRequest) throw ()
  35. {
  36. try
  37. {
  38. IASTL::IASRequest request(pRequest);
  40. // Only process change password requests.
  41. IASTL::IASAttribute authType;
  42. if (authType.load(
  43. request,
  44. IAS_ATTRIBUTE_AUTHENTICATION_TYPE,
  45. IASTYPE_ENUM
  46. ))
  47. {
  48. switch (authType->Value.Enumerator)
  49. {
  50. case IAS_AUTH_MSCHAP_CPW:
  51. // Fall through.
  52. case IAS_AUTH_MSCHAP2_CPW:
  53. doChangePassword(request, authType->Value.Enumerator);
  54. break;
  56. default:
  57. // Do nothing.
  58. break;
  59. }
  60. }
  61. }
  62. catch (const _com_error& ce)
  63. {
  64. IASTraceExcept();
  65. IASProcessFailure(pRequest, ce.Error());
  66. }
  68. return IAS_REQUEST_STATUS_CONTINUE;
  69. }
  72. bool ChangePassword::tryMsChapCpw1(
  73. IASTL::IASRequest& request,
  74. PCWSTR domainName,
  75. PCWSTR username,
  76. PBYTE challenge
  77. )
  78. {
  79. // Is the MS-CHAP-CPW-1 VSA present?
  80. IASTL::IASAttribute attr;
  81. if (!attr.load(
  82. request,
  83. MS_ATTRIBUTE_CHAP_CPW1,
  84. IASTYPE_OCTET_STRING
  85. ))
  86. {
  87. return false;
  88. }
  89. MSChapCPW1& cpw1 = blob_cast<MSChapCPW1>(attr);
  91. IASTraceString("Processing MS-CHAP-CPW-1.");
  93. // Is LM Authentication allowed?
  94. if (NTSamAuthentication::enforceLmRestriction(request))
  95. {
  96. // Change the password.
  97. BYTE newNtResponse[_NT_RESPONSE_LENGTH];
  98. BYTE newLmResponse[_LM_RESPONSE_LENGTH];
  99. DWORD status;
  100. status = IASChangePassword1(
  101. username,
  102. domainName,
  103. challenge,
  104. cpw1.get().lmOldPwd,
  105. cpw1.get().lmNewPwd,
  106. cpw1.get().ntOldPwd,
  107. cpw1.get().ntNewPwd,
  108. cpw1.getNewLmPwdLen(),
  109. cpw1.isNtPresent(),
  110. newNtResponse,
  111. newLmResponse
  112. );
  113. if (status == NO_ERROR)
  114. {
  115. IASTraceString("Password successfully changed.");
  117. // Password was successfully changed, so authenticate the user.
  118. NTSamAuthentication::doMsChapAuthentication(
  119. request,
  120. domainName,
  121. username,
  122. cpw1.get().ident,
  123. challenge,
  124. newNtResponse,
  125. newLmResponse
  126. );
  127. }
  128. else
  129. {
  130. IASTraceFailure("IASChangePassword1", status);
  132. if (status == ERROR_ACCESS_DENIED)
  133. {
  134. status = IAS_CHANGE_PASSWORD_FAILURE;
  135. }
  136. else
  137. {
  138. status = IASMapWin32Error(status, IAS_CHANGE_PASSWORD_FAILURE);
  139. }
  141. IASProcessFailure(request, status);
  142. }
  143. }
  145. return true;
  146. }
  149. bool ChangePassword::tryMsChapCpw2(
  150. IASTL::IASRequest& request,
  151. PCWSTR domainName,
  152. PCWSTR username,
  153. PBYTE challenge
  154. )
  155. {
  156. // Is the MS-CHAP-CPW-2 VSA present?
  157. IASAttribute attr;
  158. if (!attr.load(
  159. request,
  160. MS_ATTRIBUTE_CHAP_CPW2,
  161. IASTYPE_OCTET_STRING
  162. ))
  163. {
  164. return false;
  165. }
  166. MSChapCPW2& cpw2 = blob_cast<MSChapCPW2>(attr);
  168. IASTraceString("Processing MS-CHAP-CPW-2.");
  170. // Check LM Authentication.
  171. if (!cpw2.isLmPresent() ||
  172. NTSamAuthentication::enforceLmRestriction(request))
  173. {
  174. //////////
  175. // Assemble the encrypted passwords.
  176. //////////
  178. BYTE ntEncPW[_SAMPR_ENCRYPTED_USER_PASSWORD_LENGTH];
  179. if (!MSChapEncPW::getEncryptedPassword(
  180. request,
  181. MS_ATTRIBUTE_CHAP_NT_ENC_PW,
  182. ntEncPW
  183. ))
  184. {
  185. _com_issue_error(IAS_MALFORMED_REQUEST);
  186. }
  188. BOOL lmPresent = FALSE;
  189. BYTE lmEncPW[_SAMPR_ENCRYPTED_USER_PASSWORD_LENGTH];
  190. if (cpw2.isLmHashValid())
  191. {
  192. lmPresent = MSChapEncPW::getEncryptedPassword(
  193. request,
  194. MS_ATTRIBUTE_CHAP_LM_ENC_PW,
  195. lmEncPW
  196. );
  197. }
  199. //////////
  200. // Change the password.
  201. //////////
  203. DWORD status;
  204. status = IASChangePassword2(
  205. username,
  206. domainName,
  207. cpw2.get().oldNtHash,
  208. cpw2.get().oldLmHash,
  209. ntEncPW,
  210. lmPresent ? lmEncPW : NULL,
  211. cpw2.isLmHashValid()
  212. );
  214. if (status == NO_ERROR)
  215. {
  216. IASTraceString("Password successfully changed.");
  218. // Password was successfully changed, so authenticate the user.
  219. PBYTE ntResponse;
  220. if (cpw2.isNtResponseValid())
  221. {
  222. ntResponse = cpw2.get().ntResponse;
  223. }
  224. else
  225. {
  226. ntResponse = NULL;
  227. }
  228. NTSamAuthentication::doMsChapAuthentication(
  229. request,
  230. domainName,
  231. username,
  232. cpw2.get().ident,
  233. challenge,
  234. ntResponse,
  235. cpw2.get().lmResponse
  236. );
  237. }
  238. else
  239. {
  240. IASTraceFailure("IASChangePassword2", status);
  242. if (status == ERROR_ACCESS_DENIED)
  243. {
  244. status = IAS_CHANGE_PASSWORD_FAILURE;
  245. }
  246. else
  247. {
  248. status = IASMapWin32Error(status, IAS_CHANGE_PASSWORD_FAILURE);
  249. }
  251. IASProcessFailure(request, status);
  252. }
  253. }
  255. return true;
  256. }
  259. void ChangePassword::doMsChapCpw(
  260. IASTL::IASRequest& request,
  261. PCWSTR domainName,
  262. PCWSTR username,
  263. IAS_OCTET_STRING& msChapChallenge
  264. )
  265. {
  266. if (msChapChallenge.dwLength != _MSV1_0_CHALLENGE_LENGTH)
  267. {
  268. _com_issue_error(IAS_MALFORMED_REQUEST);
  269. }
  271. PBYTE challenge = msChapChallenge.lpValue;
  273. if (!tryMsChapCpw2(request, domainName, username, challenge) &&
  274. !tryMsChapCpw1(request, domainName, username, challenge))
  275. {
  276. _com_issue_error(IAS_INTERNAL_ERROR);
  277. }
  278. }
  281. void ChangePassword::doMsChap2Cpw(
  282. IASTL::IASRequest& request,
  283. PCWSTR domainName,
  284. PCWSTR username,
  285. IAS_OCTET_STRING& msChapChallenge
  286. )
  287. {
  288. IASTraceString("Processing MS-CHAP v2 change password.");
  290. // Is the necessary attribute present ?
  291. IASAttribute attr;
  292. if (!attr.load(
  293. request,
  294. MS_ATTRIBUTE_CHAP2_CPW,
  295. IASTYPE_OCTET_STRING
  296. ))
  297. {
  298. _com_issue_error(IAS_INTERNAL_ERROR);
  299. }
  300. MSChap2CPW& cpw = blob_cast<MSChap2CPW>(attr);
  302. //////////
  303. // Assemble the encrypted password.
  304. //////////
  306. BYTE encPW[_SAMPR_ENCRYPTED_USER_PASSWORD_LENGTH];
  307. if (!MSChapEncPW::getEncryptedPassword(
  308. request,
  309. MS_ATTRIBUTE_CHAP_NT_ENC_PW,
  310. encPW
  311. ))
  312. {
  313. _com_issue_error(IAS_MALFORMED_REQUEST);
  314. }
  316. //////////
  317. // Change the password.
  318. //////////
  320. DWORD status;
  321. status = IASChangePassword3(
  322. username,
  323. domainName,
  324. cpw.get().encryptedHash,
  325. encPW
  326. );
  328. if (status == NO_ERROR)
  329. {
  330. IASTraceString("Password successfully changed.");
  332. // Password was successfully changed, so authenticate the user.
  333. NTSamAuthentication::doMsChap2Authentication(
  334. request,
  335. domainName,
  336. username,
  337. cpw.get().ident,
  338. msChapChallenge,
  339. cpw.get().response,
  340. cpw.get().peerChallenge
  341. );
  342. }
  343. else
  344. {
  345. IASTraceFailure("IASChangePassword3", status);
  347. if (status == ERROR_ACCESS_DENIED)
  348. {
  349. status = IAS_CHANGE_PASSWORD_FAILURE;
  350. }
  351. else
  352. {
  353. status = IASMapWin32Error(status, IAS_CHANGE_PASSWORD_FAILURE);
  354. }
  356. IASProcessFailure(request, status);
  357. }
  358. }
  361. void ChangePassword::doChangePassword(
  362. IASTL::IASRequest& request,
  363. DWORD authType
  364. )
  365. {
  366. IASTL::IASAttribute identity;
  367. if (!identity.load(
  368. request,
  369. IAS_ATTRIBUTE_NT4_ACCOUNT_NAME,
  370. IASTYPE_STRING
  371. ))
  372. {
  373. _com_issue_error(IAS_INTERNAL_ERROR);
  374. }
  376. // Convert the User-Name to SAM format.
  377. SamExtractor extractor(*identity);
  378. PCWSTR domain = extractor.getDomain();
  379. PCWSTR username = extractor.getUsername();
  381. IASAttribute msChapChallenge;
  382. if (!msChapChallenge.load(
  383. request,
  384. MS_ATTRIBUTE_CHAP_CHALLENGE,
  385. IASTYPE_OCTET_STRING
  386. ))
  387. {
  388. _com_issue_error(IAS_INTERNAL_ERROR);
  389. }
  391. switch (authType)
  392. {
  393. case IAS_AUTH_MSCHAP_CPW:
  394. doMsChapCpw(
  395. request,
  396. domain,
  397. username,
  398. msChapChallenge->Value.OctetString
  399. );
  400. break;
  402. case IAS_AUTH_MSCHAP2_CPW:
  403. doMsChap2Cpw(
  404. request,
  405. domain,
  406. username,
  407. msChapChallenge->Value.OctetString
  408. );
  409. break;
  411. default:
  412. _com_issue_error(IAS_INTERNAL_ERROR);
  413. }
  414. }